Welcome to our guide on the “2-2-1”, “3-2-1”, “3-2-1-1-0”, and “4,3,2” Backup strategies.
What is the 2-2-1 Rule?
The 2-2-1 Rule is generally applied to non-critical devices. It states the following:
- There should be 2 copies of data
- On 2 different media
- With 1 copy being off-site
Example of the 2-2-1 Rule
- Production data (Copy 1, media 1)
- Offsite Cloud Copy (Copy 2, media 2)
The 2-2-1 rule is generally applied to end user workstations with a focus on end user data recovery.
What is the 3-2-1 Rule?
The 3-2-1 Rule is generally applied to critical devices. It states the following:
- There should be 3 copies of data
- On 2 different media
- With 1 copy being off-site
Example of the 3-2-1 Rule
- Production data (Copy 1, media 1)
- Backup data on a separate local device (Copy 2, media 2)
- Offsite Cloud Copy (Copy 3, media 3)
This example has three types of media, which goes beyond the criteria. Some organizations choose to not to include production data as one of the copies in the 3-2-1 Rule. With this preference, it is not uncommon for choose a 4th copy of the data on a 4th medium (like another NAS device onsite). It’s important to note that, among the two remaining copies, having different media is necessary, and the ability to restore should be taken into account. Onsite backups are often used for fast recovery.
What is a media location?
A separate media location for backups means storing your backup copies in different places. Here are some examples:
- Backups to another device (computer, server, or BCDR appliance)
- Backups to a dedicated storage device (like DAS, SAN, or NAS – RAID capable)
- Backups to separate internal storage disks (HDD, SSD, NVME)
- Backups to removable storage (external hard drive, flash drive, tapes, or hot swap disks)
- Backups in object storage, like the public cloud (Amazon S3, Google Cloud Storage, SFTP, and others)
Each of these methods provides a distinct place for your backups, adding extra security and ensuring you can recover your data if one location has issues.
Is it necessary to manually transport backup copies offsite?
Although considered outdated, this practice remains relevant in specific situations. For example, it may be applicable when offsite cloud replication isn’t viable due to slow, limited, or unreliable internet connectivity. In the past, removable storage backups were common, especially during the era of slow dial-up internet speeds. Tape backups, labeled for specific days of the week, were manually transported offsite to secure locations such as lockboxes or fireproof safes. Fortunately, with advancements in internet speeds and backup technologies, the manual transportation of backups to and from physical locations has become less common.
What is the 4-3-2 rule?
The 4-3-2 backup strategy is another modern backup strategy and is a viable option to consider for robust data protection. With this approach, four copies of data are maintained in three distinct locations. The first copy is stored on-premises, the second copy with cloud storage provider 1, and the third copy with a cloud storage provider 2. This configuration ensures that two copies are kept off-site, providing enhanced data protection against both disasters and targeted attacks. Choosing this strategy increases resilience and safeguards data in diverse locations, minimizing risks and enhancing overall backup effectiveness.
What is the 3-2-1-1-0 rule?
The upgraded rule comes down to the “1” and “0” at the end, highlighting its unique features:
- Make sure you have 3 copies of your data.
- Use 2 different types of storage.
- Keep 1 copy offsite.
- Have 1 copy offline, air-gapped, or unchangeable.
- Aim for 0 errors in recovery verification.
The additional “1” reintroduces the concept of an offline (air-gapped) copy. It could be either an off-site copy, as originally intended in the 3-2-1 rule (removable storage copy) or immutable storage in the cloud (meaning the data on it cannot be modified or changed).
Furthermore, the “0” in the approach signifies “zero errors” for stored backups. Achieving this involves daily monitoring of backup media, addressing any errors promptly, and conducting regular restore tests.
Why is Data Recovery Verification important to 3-2-1-1-0?
Data Recovery Verification is crucial in a 3-2-1-1-0 backup strategy as it plays a vital role in preventing surprises during the restore process. Confidence in data restoration is established through recovery verification. It acknowledges that certain issues, visible only during restores or reboots, may surface, emphasizing the importance of thorough verification for a smooth and reliable recovery process.
What is an air-gapped backup?
An air-gapped backup is a type of backup that is physically separated from the computer or network it is meant to protect. It is also often excluded from external networks such as the internet. This isolation helps enhance security by preventing unauthorized access and protecting against online threats like malware and cyberattacks. Air-gapped backups are used in secure environments, and they involve manually connecting and disconnecting storage devices to maintain the physical separation.
What is an immutable backup?
An immutable backup refers to a type of backup that is resistant to modification or deletion for a specified period. Once a backup is marked as immutable, it cannot be altered or deleted, providing an additional layer of protection against accidental or malicious changes. This feature is particularly valuable in safeguarding data from ransomware attacks, as it helps ensure that even if the primary data is compromised, the immutable backup remains unchanged and can be relied upon for recovery. The immutability of the backup is typically enforced by the backup software or storage system, making it a crucial aspect of data protection and security strategies.